[BigFix-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows'
autonotify at us.ibm.com
autonotify at us.ibm.com
Fri Dec 18 02:04:46 PST 2015
Fixlet Site - 'Patches for Windows'
Current Version: 2399 Published: Thu, 17 Dec 2015 16:05:21 GMT
New Fixlets:
============
***************************************************************
Title: MS15-124: Vulnerability in Internet Explorer could lead to ASLR bypass - Enable the User32 Exception Handler Hardening Feature - KB3125869
Severity: Important
Fixlet ID: 1512461
Fixlet Link: https://support.microsoft.com/kb/3125869
Fixlet Description: A security feature bypass for Internet Explorer exists as a result of how exceptions are handled when dispatching certain window messages, allowing an attacker to probe the layout of the address space and thereby bypassing Address Space Layout Randomization (ASLR). By itself, the ASLR bypass does not allow arbitrary code execution. However, an attacker could use this ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code on a target system. Successful exploitation of the ASLR bypass requires a user to be logged on and running an affected version of Internet Explorer. The user would then need to browse to a malicious site. Before applying the protections, Microsoft recommends that customers perform testing appropriate to their environment and system configurations.Note: Affected computers may report back as 'Pending Restart' once the update has run successfully, but will not report back their final status until the computer has been restarted.
***************************************************************
Title: MS15-124: Vulnerability in Internet Explorer could lead to ASLR bypass - Disable the User32 Exception Handler Hardening Feature - KB3125869
Severity: Unspecified
Fixlet ID: 1512463
Fixlet Link: https://support.microsoft.com/kb/3125869
Fixlet Description: A security feature bypass for Internet Explorer exists as a result of how exceptions are handled when dispatching certain window messages, allowing an attacker to probe the layout of the address space and thereby bypassing Address Space Layout Randomization (ASLR). By itself, the ASLR bypass does not allow arbitrary code execution. However, an attacker could use this ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code on a target system. Successful exploitation of the ASLR bypass requires a user to be logged on and running an affected version of Internet Explorer. The user would then need to browse to a malicious site. Before applying the protections, Microsoft recommends that customers perform testing appropriate to their environment and system configurations.Note: Affected computers may report back as 'Pending Restart' once the update has run successfully, but will not report back their final status until the computer has been restarted.
More information about the BigFix-Announcements
mailing list